Problem with SSH Forwarding using Ansible and Vagrant

[Navid Paya]

Hi all

I'm trying to use SSH forwarding to clone some private repos from github using Ansible on a Vagrant instance but it fails. Here are the involved artifacts. I've read pretty much all the related Google searches but can't figure out what's wrong after a couple of days.

Vagrantfile

local.yml

nodes.yml

Any this is the log I get when running the playbook.

<127.0.0.1> ESTABLISH CONNECTION FOR USER: vagrant

<127.0.0.1> REMOTE_MODULE git repo=ssh:********@github.com:myteksi/dispatcher-API.git accept_hostkey=yes dest=/tmp/-API

<127.0.0.1> EXEC ['ssh', '-C', '-tt', '-vvv', '-o', 'ForwardAgent=yes', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/Users/navid/.ansible/cp/ansible-ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o', 'Port=2222', '-o', 'IdentityFile="/Users/navid/.vagrant.d/insecure_private_key"', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o', 'User=vagrant', '-o', 'ConnectTimeout=10', '127.0.0.1', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1414142060.76-115960370897689 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1414142060.76-115960370897689 && echo $HOME/.ansible/tmp/ansible-tmp-1414142060.76-115960370897689'"]

<127.0.0.1> PUT /var/folders/5y/f05p3ryx575fjvsrmrv2w1100000gn/T/tmpnk8Suv TO /home/vagrant/.ansible/tmp/ansible-tmp-1414142060.76-115960370897689/git

<127.0.0.1> EXEC ['ssh', '-C', '-tt', '-vvv', '-o', 'ForwardAgent=yes', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/Users/navid/.ansible/cp/ansible-ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o', 'Port=2222', '-o', 'IdentityFile="/Users/navid/.vagrant.d/insecure_private_key"', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o', 'User=vagrant', '-o', 'ConnectTimeout=10', '127.0.0.1', u"/bin/sh -c 'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/bin/python /home/vagrant/.ansible/tmp/ansible-tmp-1414142060.76-115960370897689/git; rm -rf /home/vagrant/.ansible/tmp/ansible-tmp-1414142060.76-115960370897689/ >/dev/null 2>&1'"]

failed: [default] => (item=-API) => {"cmd": "/usr/bin/git ls-remote ssh:********", "failed": true, "item": "-API", "rc": 128}

stderr: ERROR: Repository not found.

fatal: Could not read from remote repository.

Please make sure you have the correct access rights

and the repository exists.

msg: ERROR: Repository not found.

fatal: Could not read from remote repository.

Please make sure you have the correct access rights

and the repository exists.

Now if I do a "vagrant ssh" and then do "ssh-add -L", I can see the key is forwarded and I can clone the same repo just fine. The log doesn't look like I'm doing sudo for that task as well, although I added this to my shudders file to test that as well:

Defaults env_keep += "SSH_AUTH_SOCK"

Any help is appreciated.

[Michael DeHaan]

"I'm trying to use SSH forwarding to clone some private repos from github using Ansible on a Vagrant instance but it fails"

Would it be possible to put your private key on the development machine, since it's local to you anyway?

You could then use the key_file parameter and save yourself the trouble.

Unfortunately I don't know a lot about Vagrant but a lot of people get confused by the provisioner when trying to do fancy things with it, and the extra level of SSH involved may be hiccuping things.

http://docs.ansible.com/git_module.html

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/758a4c05-ea52-4cf0-9be1-4920fd24a378%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Navid Paya]

Yes, I could do that. It's just that my SSH key has full access to everything and didn't want to even take a chance leaving it in the box once it's generated and I want to share it with others but I guess you are right. Not that hard to get around it using synced folders or something of that kind. Just one question. How can I get the exact command that Ansible tries to run when connecting to the vagrant host?I see the EXEC part in the debug message. Is that the one?

--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/6PiUhFUNk9M/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.

To post to this group, send email to ansible...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxuo%2BZ%3Dd4KF_8ncfmsasEW61X18hctmHVcPi%2BHm-LfVXA%40mail.gmail.com.